CVE-2006-6715

Name of the Vulnerable Software and Affected Versions: PowerClan versions 1.14a and earlier

Description: The issue allows remote attackers to execute arbitrary PHP code when register globals is enabled. This is achieved via a URL in the settings[footer] parameter.

Recommendations: For PowerClan versions 1.14a and earlier, consider disabling the register globals setting to prevent exploitation until a patch is available. Restrict access to the footer.inc.php file to minimize the risk of arbitrary PHP code execution. Avoid using the settings[footer] parameter in URLs until the issue is resolved.